PT-2026-57841 · Rejetto · Rejetto Hfs

Published

2026-07-13

·

Updated

2026-07-13

·

CVE-2026-61500

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Rejetto HFS versions 3.0.0 through 3.2.0
Description The software derives its session-cookie signing key from the non-cryptographic Math.random() generator and discloses outputs of this generator to unauthenticated clients during login. A remote attacker can collect login responses to reconstruct the generator state and recover the signing key. This allows the attacker to forge a valid administrator session cookie, granting full administrative access and enabling remote code execution through the server code configuration feature.
Recommendations Update Rejetto HFS versions 3.0.0 through 3.2.0 to a newer version that contains a fix.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-61500

Affected Products

Rejetto Hfs